Is your payment card data security compliant?

One of the hottest topics in the news today is identity theft and security of individuals’ financial information.

Are you PCI Compliant? – Take Our PCI Compliancy Quiz Today

Did you know that it is often more secure, these days, to buy something online with a credit card or debit card than to use that same card at retail establishment?  E-commerce has had to put in place firewall and security measures to make doing business possible.  Web developers and services like PayPal imbed high-end electronic security to keep the criminals at bay.

Payment Card Industry (PCI) has made the merchant responsible for data security.

Many retail and restaurant owners and managers do not know that data security compliancy is their responsibility.  They properly set up their business with all the licensing, inspections, and business systems required to do business in their area.  Often, nobody informs them that, if they are going to process customer credit card information, they are responsible for the security of that data.  Credit card companies have put this in the restaurant owner’s and retailer’s hands.  (Check online regularly for updated information—legislation on the state and federal level may require these large credit card companies to take on more responsibility and earn their fees.)

Secure the data access.

What should you do? Be sure that your internet access is firewalled and secured.  This includes wireless internet access too!  Use and regularly update anti-virus software. Lock your office doors and your computers.  It is never a good idea to use your POS computers for email or going online.

Foremost Business Systems Offers ESP (Enhanced Security Package)

Although PCI compliancy is ultimately the responsibility of you the merchant, Foremost can provide a solution to enhance your security and decrease your risk of having a credit card breach. We offer an ESP package that includes a hardware Firewall, up to date Anti-virus software, secure offsite database backup, removing of vendor default passwords, and securing the Windows environment on the Aloha file server and terminals.

Restaurant Owners are Responsible for Customer Credit Card Data

POS Data Security and PCI Compliancy: Big concern for merchants

It is crucial that you are using technology that protects your customers and ultimately protects you.  Aloha and NCR, as POS industry leaders, have developed validated data security software that works seamlessly with all of their Point of Sale technology.

Make sure your POS and card processing systems include security.

With the ease of hacking into networks and the wide use of wireless internet access, it is very easy for financial information predators to steal credit card information from the electronic card processing machine you use to swipe your customers’ cards.  Often there are no firewalls or internet security systems in place to stop these predators.  Install a new firewall.  Upgrade your POS software and windows operating systems to a PCI validated version for any computers that handle credit card processing for your business.

Payment Application Data Security Standards (PA DSS)

12 security standards set by the Payment Card Industry (PCI)

Control Objectives PCI DSS Requirements Build and Maintain a Secure Network

1. Install and maintain a firewall configuration to protect cardholder data
2. Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data

3. Protect stored cardholder data
4. Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program
5. Use and regularly update anti-virus software on all systems commonly affected by malware
6. Develop and maintain secure systems and applications

Implement Strong Access Control Measures

7. Restrict access to cardholder data by business need-to-know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to cardholder data

Regularly Monitor and Test Networks

10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes

Maintain an Information Security Policy

12. Maintain a policy that addresses information security

Additional Resources and Infomation

PDFs

Aloha POSv12.3 Data Security Implementation Guide – View PDF

PCI DSS Quick Reference Guide 3.1 – View PDF

Getting Stared With PCI-DSS – View PDF

Overview of PCI-DSS – View PDF

Ten Common Myths of PCI-DSS – View PDF

Links

List of Qualified Integrators and Resellers – View Link

Payment Card Industry Security Standards Council – View Link

PCI Self Assessment Questionnaire – View Link

PCI Compliance and Security Expertise – View Link

Payment Application Data Security Standard – View Link

MasterCard – View Link

List of Qualified Security Assessors (QSAs) – View Link

List of Approved Scanning Vendors (ASVs) – View Link

CALL Foremost Today! 952-920-8449

After Hours System Down Emergency (24/7): 952-920-1019

Foremost Business Systems is located in the Minneapolis & St. Paul metro area of Minnesota. Foremost has been providing unified end-to-end technology solutions for the service and hospitality industries since 1963 throughout Minnesota and western Wisconsin. We provide complete POS systems for single and multi-unit owners including customized sales, installation, training, repair, and support.

Be Sociable, Share!

PCI Qualified Integrator and Reseller

Contact Us



FREE POS QUOTE
Learn how you can increase your profits, experience smooth operations, and improve service!

FREE PCI COMPLIANT ANALYSIS
Are you aware of the PCI Compliance standards set by the Payment Card Industry?